Environment variables
The Expo Open OTA server requires several environment variables to be set in order to function correctly. These variables are used to configure the server, interact with the Expo API, and manage the server's behavior.
You can set these variables in a .env file for local development or in your deployment environment.
Supported Environment Variables
🌍 API Configuration
| Name | Required | Description | Example | Reference |
|---|---|---|---|---|
BASE_URL | ✅ | Root URL of your server | https://ota.mysite.com | Ref |
🔑 Authentication & Security
| Name | Required | Description | Example | Reference |
|---|---|---|---|---|
JWT_SECRET | ✅ | JWT secret used to sign some endpoints | Random string | Ref |
📱 Expo Configuration
| Name | Required | Description | Example | Reference |
|---|---|---|---|---|
EXPO_APP_ID | ✅ | The ID of the Expo project | Random string | Ref |
EXPO_ACCESS_TOKEN | ✅ | Expo access token | Random string | Ref |
📦 Storage Configuration
| Name | Required | Description | Example | Reference |
|---|---|---|---|---|
STORAGE_MODE | ✅ | local or s3 | local | Ref |
S3_BUCKET_NAME | ✅ if STORAGE_MODE = s3 | S3 bucket name | my-bucket | Ref |
LOCAL_BUCKET_BASE_PATH | ✅ if STORAGE_MODE = local | Path to store assets | /path/to/assets | Ref |
🔐 Key store Configuration
| Name | Required | Description | Example | Reference |
|---|---|---|---|---|
KEYS_STORAGE_TYPE | ✅ | environment, aws-secrets-manager, or local | environment | Ref |
AWS Secrets Manager Key Store
| Name | Required | Description | Example | Reference |
|---|---|---|---|---|
AWSSM_EXPO_PUBLIC_KEY_SECRET_ID | ✅ if KEYS_STORAGE_TYPE = aws-secrets-manager | Expo public key secret name in AWS | my-expo-public-key | Ref |
AWSSM_EXPO_PRIVATE_KEY_SECRET_ID | ✅ if KEYS_STORAGE_TYPE = aws-secrets-manager | Expo private key secret name in AWS | my-expo-private-key | Ref |
Environment-Based Key Store
| Name | Required | Description | Example | Reference |
|---|---|---|---|---|
PUBLIC_EXPO_KEY_B64 | ✅ if KEYS_STORAGE_TYPE = environment | Base64-encoded Expo public key | Base64 string | Ref |
PRIVATE_EXPO_KEY_B64 | ✅ if KEYS_STORAGE_TYPE = environment | Base64-encoded Expo private key | Base64 string | Ref |
Local Key Store
| Name | Required | Description | Example | Reference |
|---|---|---|---|---|
PRIVATE_LOCAL_EXPO_KEY_PATH | ✅ if KEYS_STORAGE_TYPE = local | Path to the Expo private key | /path/to/private-key.pem | Ref |
PUBLIC_LOCAL_EXPO_KEY_PATH | ✅ if KEYS_STORAGE_TYPE = local | Path to the Expo public key | /path/to/public-key.pem | Ref |
☁️ AWS & CloudFront Configuration
| Name | Required | Description | Example | Reference |
|---|---|---|---|---|
AWS_REGION | ✅ if using aws-secrets-manager or s3 | AWS Region | us-east-1 | Ref, Storage |
AWS_ACCESS_KEY_ID | ✅ if using aws-secrets-manager or s3 without IAM roles | AWS Access Key ID | ACCESSKEYID | Ref, Storage |
AWS_SECRET_ACCESS_KEY | ✅ if using aws-secrets-manager or s3 without IAM roles | AWS Secret Access Key | SECRETACCESSKEY | Ref, Storage |
CloudFront Settings
| Name | Required | Description | Example | Reference |
|---|---|---|---|---|
CLOUDFRONT_DOMAIN | ❌ | CloudFront domain | https://XXX.cloudfront.net | Ref |
CLOUDFRONT_KEY_PAIR_ID | ✅ if CLOUDFRONT_DOMAIN is set | CloudFront key pair ID | Random string | Ref |
CLOUDFRONT_PRIVATE_KEY_B64 | ✅ if using environment & CLOUDFRONT_DOMAIN is set | Base64 CloudFront private key | Base64 string | Ref |
AWSSM_CLOUDFRONT_PRIVATE_KEY_SECRET_ID | ✅ if using aws-secrets-manager & CLOUDFRONT_DOMAIN is set | CloudFront private key in AWS Secrets Manager | my-cloudfront-private-key | Ref |
PRIVATE_LOCAL_CLOUDFRONT_KEY_PATH | ✅ if using local & CLOUDFRONT_DOMAIN is set | Path to CloudFront private key | /path/to/cloudfront-private-key.pem | Ref |